fix: properly sanitize hard links containing ..

Fix: GHSA-34x7-hfp2-rc4v

The issue here is that *hard* links are resolved relative to the unpack
cwd, so if they have `..`, they cannot possibly be valid, same as files
and for the same reason. The loosening of this restriction for symbolic
links should have been limited by type, allowing this error.

Author: isaacs

src/unpack.ts

@@ -271,6 +271,7 @@ export class Unpack extends Parser {
     field: 'path' | 'linkpath',
   ): boolean {
     const p = entry[field]
+    const { type } = entry
     if (!p || this.preservePaths) return true
 
     const parts = p.split('/')
@@ -284,7 +285,7 @@ export class Unpack extends Parser {
       // just rejecting any path with '..' - relative symlinks like
       // '../sibling/file' are valid if they resolve within the cwd.
       // For paths, they just simply may not ever use .. at all.
-      if (field === 'path') {
+      if (field === 'path' || type === 'Link') {
         this.warn('TAR_ENTRY_ERROR', `${field} contains '..'`, {
           entry,
           [field]: p,

test/ghsa-8qq5-rm4j-mr97.ts

@@ -23,6 +23,20 @@ const getExploitTar = () => {
   }).encode(hardHeader, 0)
   chunks.push(hardHeader)
 
+  const hardSubHeader = Buffer.alloc(1024)
+  new Header({
+    path: 'sub/',
+    type: 'Directory',
+    size: 0,
+  }).encode(hardSubHeader, 0)
+  new Header({
+    path: 'sub/exploit_sub',
+    type: 'Link',
+    size: 0,
+    linkpath: '../secret.txt',
+  }).encode(hardSubHeader, 512)
+  chunks.push(hardSubHeader)
+
   const symHeader = Buffer.alloc(512)
   new Header({
     path: 'exploit_sym',
@@ -77,6 +91,12 @@ t.test('hardlink escape does not clobber target', async t => {
     readFileSync(resolve(dir, 'secret.txt'), 'utf8'),
     'ORIGINAL DATA',
   )
+
+  writeFileSync(resolve(out, 'sub/exploit_sub'), 'OVERWRITTEN SUB')
+  t.equal(
+    readFileSync(resolve(dir, 'secret.txt'), 'utf8'),
+    'ORIGINAL DATA',
+  )
 })
 
 t.test('symlink escapes are sanitized', async t => {